The CEO’s Guide to Dealing With a Cyberattack

“If you look at how most companies got breached, it was a function of simple hygiene,” Hindawi told the forum audience. In other words, it’s not about how good the hacker is, it’s about the fact that companies are not doing their part in keeping their data secure.

“If you look at the attacks we’ve seen, and we’ve seen thousands, many of the companies didn’t do the things they’re supposed to,” Hindawi said.

“Have you wondered why these attacks keep happening?”, one writer asks in Digital Guardian. “All we are able to do, all that’s been done, is to build a massive perimeter defense that guarantees only authorized people will gain access. The problem here is that attackers steal authorization credentials. So to these defenses, the attackers still appear authorized. Perimeter network defenses are completely blind to the fact this person is a bad actor.”

Some organizations are using specialized software tools called Data Loss Prevention, or DLP, that are supposed to protect valuable company data. DLP software looks at files being sent off the network and tries to determine if they are sensitive. If it’s determined that they are sensitive and the action is risky, then the operation will be cancelled. Unfortunately, attackers have learned to adapt to traditional DLP software, Digital Guardian said.

So what options do companies have?

Hindawi said that Microsoft sends out regular security patches, pieces of software code intended to thwart new known threats, and that too few companies implement them rigorously. In addition, there are other basic tactics too many companies are ignoring, such as implementation of multi-factor authentication protocols and anti-virus software. “Imperfect as antivirus software may be,” Hindawi said, “having it is better than not having it.”

Chief Executive :Chief Executive magazine (published since 1977) is the definitive source that CEOs turn to for insight and ideas that help increase their effectiveness and grow their business. Chief Executive Group also produces e-newsletters and online content at chiefexecutive.net and manages Chief Executive Network and other executive peer groups, as well as conferences and roundtables that enable top corporate officers to discuss key subjects and share their experiences within a community of peers. Chief Executive facilitates the annual “CEO of the Year,” a prestigious honor bestowed upon an outstanding corporate leader, nominated and selected by a group of peers, and is known throughout the U.S. and elsewhere for its annual ranking of Best & Worst States for Business. Visit www.chiefexecutive.net for more information.